Keeping your data secure
Liquibase maintains administrative, technical, and physical security measures designed to protect your personal information against unauthorized access, disclosure, alteration, loss, and misuse.
No online transmission is ever guaranteed to be fully secure or error-free, including email. Liquibase recommends not sending or disclosing any sensitive personal information to us directly or through our products.
Example: protected health information, passwords, and authentication/authorization credentials for other services.
Enhancing your database security
Liquibase lets you validate all database changes and use automation to control database access:
- If you store credentials for your application CD solution in a central, secure location such as HashiCorp Vault, automation can gather credentials from the tool and pass them to Liquibase without direct human access. Using this best practice with Liquibase decreases the surface area for database attacks.
- If you have a large number of users who make manual schema changes to the database, Liquibase eliminates the need for them to have direct database access.
Storing your credentials
Liquibase recommends storing user credentials in a secure credential repository, entering them in the CLI at runtime, or using Liquibase Environment Variables.
Using Liquibase and source control
Source control systems will help you manage and track the history of your resources, including changelogs and changesets. Using source control, you have an option to view when a file was changed, compare the changes that were made, and know who made the changes. Liquibase works with any source control system.
Liquibase versions your database changes, so storing these changes in a Source Control Management system is a best practice. Liquibase recommends you follow these best practices:
- Keep changelogs in the same repository as application code to ensure everything is kept in sync.
- Keep changesets in separate files to save time on searches and updates or avoid potential merge conflicts.
- Keep changelogs organized to identify your files by releases, database object types, or other information you prefer.
- Use branch and file naming standards to maintain logical patterns so you can see the exact changes in your branches and files.
Keeping your Liquibase Hub data secure
Here is what Liquibase does to keep Liquibase Hub data secure:
- Data encrypted in transit via secure HTTPS calls
- Data encrypted at rest once stored in our database
- Data secured via PostgreSQL Row Level Security
Collecting your Liquibase Hub data
Liquibase only sends information to Liquibase Hub when you provide all of the following:
- A valid Liquibase Hub API key.
- A registered changelog file, except for the drop-all command, which does not require a changelog file.
- The liquibase.hub.mode property set to meta. If you set the property to off, no data will be sent to Liquibase Hub.
- Your system allowing
Without all these conditions, no information will be sent to Liquibase Hub.
The information that Liquibase sends to Liquibase Hub is determined by the liquibase.hub.mode property setting. Liquibase recommends using the LIQUIBASE_HUB_MODE environment variable to control which environments can send which kind of data. Liquibase Hub collects data based on the setting in the Liquibase properties file or the Maven POM file:
- off sends no data to Liquibase Hub, even if you have a valid Liquibase Hub API Key in your defaults file.
- meta sends what Liquibase considers the metadata, such as changelog name, changeset name, comments, username, timestamps, Liquibase version, Liquibase integration, and similar meta settings. Use the meta setting for connections where sensitive information might be transmitted using Liquibase, typically DML scripts with personally identifiable information. Applying the meta setting prevents sensitive information from being transmitted to Liquibase Hub and limits users’ ability to use Liquibase Hub in identifying an update failure if one occurs.
- all sends the metadata in addition to the changeset body from the changelog, generated SQL executed by the Liquibase core app, operation-event logs, and change-event logs.
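A pre-deployment check for the credential-storage and Hub-mode recommendations above, written as an added example and not Liquibase's own code. The handles_pii flag, the sample file contents, and the choice to treat an unset mode as a finding are assumptions of this example; it also does not model which source Liquibase prefers when both are set.

```python
import re

# Property names are Liquibase's; every sample value below is constructed.
PASSWORD_KEYS = {"password", "liquibase.command.password"}
SAFE_MODES = {"off", "meta"}  # modes that keep changeset bodies and SQL out of Hub
LINE = re.compile(r"^\s*([^#!\s=:][^\s=:]*)\s*[=:]?\s*(.*?)\s*$")

def parse_properties(text):
    """Parse key=value / key: value lines, skipping blanks and # or ! comments."""
    props = {}
    for raw in text.splitlines():
        m = LINE.match(raw)
        if m:
            props[m.group(1)] = m.group(2)
    return props

def audit(properties_text, env, handles_pii):
    """Return findings for one environment's Liquibase configuration."""
    props = parse_properties(properties_text)
    findings = []
    for key in sorted(props.keys() & PASSWORD_KEYS):
        if props[key]:
            findings.append(f"credential '{key}' is stored in the properties file")
    # Each source is checked on its own; precedence between them is not modelled.
    modes = {
        "LIQUIBASE_HUB_MODE": env.get("LIQUIBASE_HUB_MODE"),
        "liquibase.hub.mode": props.get("liquibase.hub.mode"),
    }
    if handles_pii:
        for source, mode in modes.items():
            if mode is not None and mode.strip() not in SAFE_MODES:
                findings.append(f"{source}={mode} is not off or meta")
        if all(mode is None for mode in modes.values()):
            findings.append("hub mode is not set explicitly; set it to off or meta")
    return findings

# Constructed sample: a properties file that goes against both recommendations.
SAMPLE_BAD = """\
# constructed example
url=jdbc:postgresql://db.example.internal:5432/app
username: deploy
password=example-not-a-real-secret
liquibase.hub.mode=all
"""
SAMPLE_GOOD = "url=jdbc:postgresql://db.example.internal:5432/app\n"

if __name__ == "__main__":
    for finding in audit(SAMPLE_BAD, {}, handles_pii=True):
        print("FINDING:", finding)
```

Run it in the pipeline before the Liquibase step, passing os.environ as env, and fail the job when the returned list is not empty.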